Which of the following will NOT affect acceleration?
A. Connections destined to or originated from the Security gateway
B. A 5-tuple match
C. Multicast packets
D. Connections that have a Handler (ICMP, FTP, H.323, etc.)
|
Download Printable PDF. VALID exam to help you PASS. |
 |
BE CAREFUL!!!
BE CAREFUL!!!
BE CAREFUL!!!
The 156-315.80 exam questions on this site are out of date!!!
Many new questions are NOT available!!!
Highly recommend to learn the NEWEST 156-315.80 exam questions from those files on Google Drive for free:
https://drive.google.com/open?id=1umH6uHoI5sTfMoeecdnYs8I5qHu9DET-
By the way, if you have other valid 156-315.80 study materials, please sharing them with us.
SHARING IS CARING!
Thanks and good luck!
B is the answer.
CCSE book:
There are several factors that preclude a packet from being accelerated, such as:
• The ClusterXL Sticky Decision Function (SDF) feature is enabled
• The first packet of any new TCP or UDP session, unless a template exists
• Connections destined to or originating from the Security Gateway
• Connections that require Security servers (Authentication, Antivirus, URL Filtering,
Anti-Spam, DNS protocol enforcement)
• Connections that have a Handler (ICMP, FTP, H.323, etc.)
• Some IPS features (IP, ID, TTL)
• Multicast packets
So, A,C,D – not accelerated. If we have security policy that has such rules, acceleration is affected because no SecureXL templates can be done for rules below the one we encountered.
“When SecureXL is enabled, all packets should be accelerated, except packets that match the following conditions:
(…)
All packets that match a rule, whose source or destination is the Security Gateway.”
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk32578
Answer : A
An new packet arrives at the inbound interface. The packet is checked against the connections table, which mirrors the firewall´s connections table. if there is a 5-tuple match, the new packet is part of an existing flow and is forwarded the outbound interface for handling.
B is correct
The correct ans is B, stated in checkpoint cook book
This is tricky question. All depends how understand meaning of “NOT affect”.
If question is: Which of the following traffic is NOT accelerated?
A is perfectly good.
If the meaning of “NOT affect” is “NO change in acceleration state”
A – always NOT accelerated, C,D – always accelerated
B- A 5-tuple match, or mismatch can change acceleration state, and can take effect acceleration 🙂
Packet is accelerated if the 5-tuple (protocol, src IP, dst IP, src port, dst port) matches i. e. it is found in the connection table. B is not correct.
Starting in R76, IPv4 multicast traffic is accelerated.
A rule with a service that has a ‘handler’ prevent a Connection Template from being created. However, packets after the first TCP/UDP packet are accelerated.
All packets that match a rule, whose source or destination is the Security Gateway itself are not accelerated.
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk32578&partition=Advanced&product=SecureXL%22
Correct answer: A
Which of the following will NOT affect acceleration?
A. Connections destined to or originated from the Security gateway: not accelerated
B. A 5-tuple match : Packet is accelerated if the 5-tuple (protocol, src IP, dst IP, src port, dst port) matches i. e. it is found in the connection table.
C. Multicast packets: not accelerated for ipv6
D. Connections that have a Handler (ICMP, FTP, H.323, etc.): not accelerated
Why do you say B is wrong? 🙂